diff --git a/includes/bootstrap.inc b/includes/bootstrap.inc
index 5eaa05e..c65c8e2 100644
--- a/includes/bootstrap.inc
+++ b/includes/bootstrap.inc
@@ -1698,9 +1698,13 @@ function watchdog_exception($type, Exception $exception, $message = NULL, $varia
  *   - WATCHDOG_DEBUG: Debug-level messages.
  * @param $link
  *   A link to associate with the message.
+ *   SECURITY NOTE: Make sure your link is properly sanitized,
+ *   because it will be printed as-is by logging modules. Use the
+ *   l() function to generate secure links.
  *
  * @see watchdog_severity_levels()
  * @see hook_watchdog()
+ * @see l()
  */
 function watchdog($type, $message, $variables = array(), $severity = WATCHDOG_NOTICE, $link = NULL) {
   global $user, $base_root;